Cisco Linksys e2500 & OpenVPN gateway
Posted: 29 May 2012, 15:02
In short, the task: get this damn piece of hardware working with OpenVPN (it is already set up and configured, it connects from a PC, the routes work, in short, all good). All that is left is to get the box itself running, so that I don't have to set up some kind of PC-based router.
The latest DD-WRT is already installed on the box, and the OpenVPN client is present. It just won't connect, and that's that. An approximate set of logs and configs:
cat /etc/openvpn/vpnet.conf
Code:
mode server
tls-server
proto tcp-server
dev tap
port 5555 # Port
daemon
tls-auth /etc/openvpn/vpnet/keys/ta.key 0
ca /etc/openvpn/vpnet/keys/ca.crt
cert /etc/openvpn/vpnet/keys/vpsrv.crt
key /etc/openvpn/vpnet/keys/vpsrv.key
dh /etc/openvpn/vpnet/keys/dh1024.pem
ifconfig 10.10.0.1 255.255.255.0 # Internal IP of the server
ifconfig-pool 10.10.0.2 10.10.0.128 # Address pool.
push "redirect-gateway def1" # Redirect the default gateway to the VPN server. Comment out if not needed.
push "route-gateway 10.10.0.1"
duplicate-cn
verb 3
cipher DES-EDE3-CBC # Cipher type.
persist-key
log-append /var/log/openvpn.log # Log file.
persist-tun
comp-lzo
Code:
tls-client
proto tcp-client
remote 77.хх.хх.хх
dev tap
port 5555
cd c:\\key\\vpnet\\
pull
tls-auth c:\\key\\vpnet\\ta.key 1
ca c:\\key\\vpnet\\ca.crt
cert c:\\key\\vpnet\\vpclient.crt
key c:\\key\\vpnet\\vpclient.key
cipher DES-EDE3-CBC
comp-lzo
Code:
Tue May 29 14:38:06 2012 MULTI: multi_create_instance called
Tue May 29 14:38:06 2012 Re-using SSL/TLS context
Tue May 29 14:38:06 2012 LZO compression initialized
Tue May 29 14:38:06 2012 Control Channel MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue May 29 14:38:06 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Tue May 29 14:38:06 2012 Local Options hash (VER=V4): '9de5f9b6'
Tue May 29 14:38:06 2012 Expected Remote Options hash (VER=V4): '89f33c77'
Tue May 29 14:38:06 2012 TCP connection established with 92.245.96.14:57785
Tue May 29 14:38:06 2012 TCPv4_SERVER link local: [undef]
Tue May 29 14:38:06 2012 TCPv4_SERVER link remote: 92.245.96.14:57785
Tue May 29 14:38:06 2012 92.245.96.14:57785 TLS: Initial packet from 92.245.96.14:57785, sid=653467c0 fde20c1d
Tue May 29 14:38:07 2012 92.245.96.14:57785 VERIFY OK: depth=1, /C=KG/ST=XX/L=Bishkek/O=ABM-auto/CN=ABM-auto_CA/emailAddress=admin@abmauto.kg
Tue May 29 14:38:07 2012 92.245.96.14:57785 VERIFY OK: depth=0, /C=KG/ST=XX/L=Bishkek/O=ABM-auto/CN=vpclient/emailAddress=admin@abmauto.kg
Tue May 29 14:38:07 2012 92.245.96.14:57785 Data Channel Encrypt: Cipher 'DES-EDE3-CBC' initialized with 192 bit key
Tue May 29 14:38:07 2012 92.245.96.14:57785 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue May 29 14:38:07 2012 92.245.96.14:57785 Data Channel Decrypt: Cipher 'DES-EDE3-CBC' initialized with 192 bit key
Tue May 29 14:38:07 2012 92.245.96.14:57785 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue May 29 14:38:07 2012 92.245.96.14:57785 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue May 29 14:38:07 2012 92.245.96.14:57785 [vpclient] Peer Connection Initiated with 92.245.96.14:57785
Tue May 29 14:38:09 2012 vpclient/92.245.96.14:57785 PUSH: Received control message: 'PUSH_REQUEST'
Tue May 29 14:38:09 2012 vpclient/92.245.96.14:57785 SENT CONTROL [vpclient]: 'PUSH_REPLY,redirect-gateway def1,route-gateway 10.10.0.1,ifconfig 10.10.0.2 255.255.255.0' (status=1)
Tue May 29 14:38:10 2012 vpclient/92.245.96.14:57785 MULTI: Learn: 00:ff:d0:e5:25:74 -> vpclient/92.245.96.14:57785
Code:
Tue May 29 14:02:37 2012 MULTI: multi_create_instance called
Tue May 29 14:02:37 2012 Re-using SSL/TLS context
Tue May 29 14:02:37 2012 LZO compression initialized
Tue May 29 14:02:37 2012 Control Channel MTU parms [ L:1576 D:168 EF:68 EB:0 ET:0 EL:0 ]
Tue May 29 14:02:37 2012 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Tue May 29 14:02:37 2012 Local Options hash (VER=V4): '9de5f9b6'
Tue May 29 14:02:37 2012 Expected Remote Options hash (VER=V4): '89f33c77'
Tue May 29 14:02:37 2012 TCP connection established with 92.245.96.14:49753
Tue May 29 14:02:37 2012 TCPv4_SERVER link local: [undef]
Tue May 29 14:02:37 2012 TCPv4_SERVER link remote: 92.245.96.14:49753
Tue May 29 14:02:38 2012 92.245.96.14:49753 Connection reset, restarting [0]
Tue May 29 14:02:38 2012 92.245.96.14:49753 SIGUSR1[soft,connection-reset] received, client-instance restarting
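An added example, not part of the original post and not the poster's code: a small Python triage script that splits an OpenVPN server log into client sessions and reports the last handshake milestone each one reached, which makes the difference between the two logs above explicit. The stage labels, the `triage` function and the sample lines are this example's own, and it assumes sessions do not interleave in the log.

```python
import re

# Milestones an OpenVPN server logs, in order, for one client session.
# The stage labels are this example's own names, not OpenVPN terminology.
STAGES = [
    ("tcp_connected", re.compile(r"TCP connection established with")),
    ("tls_initial_packet", re.compile(r"TLS: Initial packet from")),
    ("cert_verified", re.compile(r"VERIFY OK: depth=0")),
    ("peer_initiated", re.compile(r"Peer Connection Initiated with")),
    ("push_reply_sent", re.compile(r"SENT CONTROL .*PUSH_REPLY")),
]
NEW_SESSION = re.compile(r"MULTI: multi_create_instance called")
RESET = re.compile(r"Connection reset, restarting")

def triage(log_text):
    """Report how far each session got. Assumes sessions do not interleave."""
    sessions, current = [], None
    for line in log_text.splitlines():
        if NEW_SESSION.search(line):
            current = {"reached": [], "reset": False}
            sessions.append(current)
        elif current is not None:
            for name, pattern in STAGES:
                if name not in current["reached"] and pattern.search(line):
                    current["reached"].append(name)
            current["reset"] = current["reset"] or bool(RESET.search(line))
    for s in sessions:
        missing = [n for n, _ in STAGES if n not in s["reached"]]
        s["last_stage"] = s["reached"][-1] if s["reached"] else None
        s["next_expected"] = missing[0] if missing else None
    return sessions

# Constructed sample: shortened lines in the format of the two logs above,
# with documentation-range addresses (192.0.2.0/24) in place of real ones.
SAMPLE = """\
Tue May 29 14:02:37 2012 MULTI: multi_create_instance called
Tue May 29 14:02:37 2012 TCP connection established with 192.0.2.10:49753
Tue May 29 14:02:38 2012 192.0.2.10:49753 Connection reset, restarting [0]
Tue May 29 14:38:06 2012 MULTI: multi_create_instance called
Tue May 29 14:38:06 2012 TCP connection established with 192.0.2.10:57785
Tue May 29 14:38:06 2012 192.0.2.10:57785 TLS: Initial packet from 192.0.2.10:57785, sid=00000000 00000000
Tue May 29 14:38:07 2012 192.0.2.10:57785 VERIFY OK: depth=0, /CN=vpclient
Tue May 29 14:38:07 2012 192.0.2.10:57785 [vpclient] Peer Connection Initiated with 192.0.2.10:57785
Tue May 29 14:38:09 2012 vpclient/192.0.2.10:57785 SENT CONTROL [vpclient]: 'PUSH_REPLY,ifconfig 10.10.0.2 255.255.255.0' (status=1)
"""

if __name__ == "__main__":
    for i, s in enumerate(triage(SAMPLE), 1):
        print(i, s["last_stage"], "reset:", s["reset"], "next:", s["next_expected"])
```

On the sample, the first session stops at `tcp_connected` with a reset, so the certificate check and the pushed options were never reached, while the second runs through to `push_reply_sent`.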